nodeca / pica

Resize image in browser with high quality and high speed

Home Page: http://nodeca.github.io/pica/demo/


Fingerprinting behaviour

yuccai opened this issue · comments

Hello,

Currently, when pica detects that fingerprinting protection is enabled, it throws an error.
Would it be possible to only throw a warning instead of blocking the whole process?

Why is randomization so problematic for Pica? And is it possible to have a workaround, such as a warning, a non-strict mode or a degraded result?

Because we don't control the browser the user is using 🤔

This is the function that detects anti fingerprinting randomization:

pica/lib/utils.js

Lines 139 to 162 in 34e82a5

```javascript
// Check if canvas.getContext('2d').getImageData can be used,
// FireFox randomizes the output of that function in `privacy.resistFingerprinting` mode
module.exports.can_use_canvas = function can_use_canvas(createCanvas) {
  let usable = false;
  try {
    let canvas = createCanvas(2, 1);
    let ctx = canvas.getContext('2d');
    let d = ctx.createImageData(2, 1);
    d.data[0] = 12; d.data[1] = 23; d.data[2] = 34; d.data[3] = 255;
    d.data[4] = 45; d.data[5] = 56; d.data[6] = 67; d.data[7] = 255;
    ctx.putImageData(d, 0, 0);
    d = null;
    d = ctx.getImageData(0, 0, 2, 1);
    if (d.data[0] === 12 && d.data[1] === 23 && d.data[2] === 34 && d.data[3] === 255 &&
        d.data[4] === 45 && d.data[5] === 56 && d.data[6] === 67 && d.data[7] === 255) {
      usable = true;
    }
  } catch (err) {}
  return usable;
};
```

When anti fingerprinting randomization is detected by Pica, an error is thrown:

pica/index.js

Lines 653 to 658 in 34e82a5

```javascript
if (!CAN_USE_CANVAS_GET_IMAGE_DATA) {
  let err = new Error('Pica: cannot use getImageData on canvas, ' +
                      "make sure fingerprinting protection isn't enabled");
  err.code = 'ERR_GET_IMAGE_DATA';
  throw err;
}
```

More about anti fingerprinting:

There is nothing to fix here. If FF fingerprint protection is enabled, pica becomes completely unusable and throws an error as expected. It's the programmer's responsibility to check for the success of the resize call and decide what to do without resize.

We do the best possible: provide a descriptive error for the failure.
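
One way an application can check the result of the resize call and continue without pica, as an added example (not code from the pica project or from this thread). `resizeOrDegrade` and `onDegraded` are hypothetical names, and accepting the browser's own `drawImage` scaling as the degraded result is an assumption about what the application can tolerate.

```javascript
// Error code that pica sets in the index.js snippet quoted above.
const READBACK_BLOCKED = 'ERR_GET_IMAGE_DATA';

// `resizer` is any object with a promise-returning resize(from, to), such as
// a pica instance. `onDegraded` is a hypothetical hook for telemetry or a UI
// notice; it receives the original error.
async function resizeOrDegrade(resizer, from, to, onDegraded = () => {}) {
  try {
    await resizer.resize(from, to);
    return { ok: true, mode: 'pica' };
  } catch (err) {
    // Handle only the readback failure; any other error still propagates,
    // so real bugs are not hidden behind the fallback.
    if (!err || err.code !== READBACK_BLOCKED) throw err;
    onDegraded(err);
  }

  // Degraded path: let the browser scale the image. drawImage only writes to
  // the target canvas and never calls getImageData, so the randomized
  // readback is not involved. Exporting the canvas afterwards (toBlob,
  // toDataURL) is a separate readback and is not covered here.
  const ctx = to.getContext('2d');
  ctx.imageSmoothingEnabled = true;
  ctx.imageSmoothingQuality = 'high';
  ctx.drawImage(from, 0, 0, to.width, to.height);
  return { ok: true, mode: 'drawImage' };
}
```

The returned `mode` lets the caller record how often the degraded path is taken instead of asking users to switch off the protection.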

commented

We experienced a possible false positive of the fingerprinting detection. It was reported by a user on iOS with WKWebView.

However, I don't see how that could happen based on the code above when not using fingerprinting detection.